build(deps): Bump the ci-dependencies group across 1 directory with 7 updates #161

dependabot · 2024-11-01T06:20:24Z

Bumps the ci-dependencies group with 7 updates in the / directory:

Package	From	To
actions/checkout	`4.1.7`	`4.2.2`
sigstore/cosign-installer	`3.6.0`	`3.7.0`
docker/setup-buildx-action	`3.6.1`	`3.7.1`
docker/build-push-action	`6.7.0`	`6.9.0`
actions/upload-artifact	`4.4.0`	`4.4.3`
Swatinem/rust-cache	`2.7.3`	`2.7.5`
actions/cache	`4.0.2`	`4.1.2`

Updates actions/checkout from 4.1.7 to 4.2.2

Release notes

Sourced from actions/checkout's releases.

v4.2.2

What's Changed

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

Full Changelog: actions/checkout@v4.2.1...v4.2.2

v4.2.1

What's Changed

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

New Contributors

@Jcambass made their first contribution in actions/checkout#1919

Full Changelog: actions/checkout@v4.2.0...v4.2.1

v4.2.0

What's Changed

Add Ref and Commit outputs by @lucacome in actions/checkout#1180

Dependabot updates in actions/checkout#1777 & actions/checkout#1872

New Contributors

@yasonk made their first contribution in actions/checkout#1869

@lucacome made their first contribution in actions/checkout#1180

Full Changelog: actions/checkout@v4.1.7...v4.2.0

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.2.2

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

v4.2.1

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

v4.2.0

Add Ref and Commit outputs by @lucacome in actions/checkout#1180

Dependency updates by @dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

v4.1.6

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

v4.1.5

Update NPM dependencies by @cory-miller in actions/checkout#1703

Bump github/codeql-action from 2 to 3 by @dependabot in actions/checkout#1694

Bump actions/setup-node from 1 to 4 by @dependabot in actions/checkout#1696

Bump actions/upload-artifact from 2 to 4 by @dependabot in actions/checkout#1695

README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @cory-miller in actions/checkout#1707

v4.1.4

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in actions/checkout#1692

Add dependabot config by @cory-miller in actions/checkout#1688

Bump the minor-actions-dependencies group with 2 updates by @dependabot in actions/checkout#1693

Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in actions/checkout#1643

v4.1.3

Check git version before attempting to disable sparse-checkout by @jww3 in actions/checkout#1656

Add SSH user parameter by @cory-miller in actions/checkout#1685

Update actions/checkout version in update-main-version.yml by @jww3 in actions/checkout#1650

v4.1.2

Fix: Disable sparse checkout whenever sparse-checkout option is not present @dscho in actions/checkout#1598

v4.1.1

Correct link to GitHub Docs by @peterbe in actions/checkout#1511

Link to release page from what's new section by @cory-miller in actions/checkout#1514

v4.1.0

Add support for partial checkout filters

... (truncated)

Commits

11bd719 Prepare 4.2.2 Release (#1953)
e3d2460 Expand unit test coverage (#1946)
163217d url-helper.ts now leverages well-known environment variables. (#1941)
eef6144 Prepare 4.2.1 release (#1925)
6b42224 Add workflow file for publishing releases to immutable action package (#1919)
de5a000 Check out other refs/* by commit if provided, fall back to ref (#1924)
d632683 Prepare 4.2.0 release (#1878)
6d193bf Bump braces from 3.0.2 to 3.0.3 (#1777)
db0cee9 Bump the minor-npm-dependencies group across 1 directory with 4 updates (#1872)
b684943 Add Ref and Commit outputs (#1180)
Additional commits viewable in compare view

Updates sigstore/cosign-installer from 3.6.0 to 3.7.0

Release notes

Sourced from sigstore/cosign-installer's releases.

v3.7.0

What's Changed

Bump actions/checkout from 4.1.7 to 4.2.0 by @dependabot in sigstore/cosign-installer#172

bump for latest cosign v2.4.1 release by @bobcallaway in sigstore/cosign-installer#173

Full Changelog: sigstore/cosign-installer@v3.6.0...v3.7.0

Commits

dc72c7d bump for latest cosign v2.4.1 release (#173)
08bb361 Bump actions/checkout from 4.1.7 to 4.2.0 (#172)
See full diff in compare view

Updates docker/setup-buildx-action from 3.6.1 to 3.7.1

Release notes

Sourced from docker/setup-buildx-action's releases.

v3.7.1

Switch back to uuid package by @crazy-max in docker/setup-buildx-action#369

Full Changelog: docker/setup-buildx-action@v3.7.0...v3.7.1

v3.7.0

Always set buildkitd-flags if opt-in by @crazy-max in docker/setup-buildx-action#363

Remove uuid package and switch to crypto by @crazy-max in docker/setup-buildx-action#366

Bump @docker/actions-toolkit from 0.35.0 to 0.39.0 in docker/setup-buildx-action#362

Bump path-to-regexp from 6.2.2 to 6.3.0 in docker/setup-buildx-action#354

Full Changelog: docker/setup-buildx-action@v3.6.1...v3.7.0

Commits

c47758b Merge pull request #369 from crazy-max/revert-crypto
8fea382 chore: update generated content
2874e98 switch back to uuid package
8026d2b Merge pull request #362 from docker/dependabot/npm_and_yarn/docker/actions-to...
e51aab5 chore: update generated content
fd7390e build(deps): bump @docker/actions-toolkit from 0.35.0 to 0.39.0
910a304 Merge pull request #366 from crazy-max/remove-uuid
3623ee4 chore: update generated content
e0e5ecf remove uuid package and switch to crypto
5334dd0 Merge pull request #363 from crazy-max/set-buildkitd-flags-optin
Additional commits viewable in compare view

Updates docker/build-push-action from 6.7.0 to 6.9.0

Release notes

Sourced from docker/build-push-action's releases.

v6.9.0

Bump @docker/actions-toolkit from 0.38.0 to 0.39.0 in docker/build-push-action#1234

Bump path-to-regexp from 6.2.2 to 6.3.0 in docker/build-push-action#1232

Full Changelog: docker/build-push-action@v6.8.0...v6.9.0

v6.8.0

Bump @docker/actions-toolkit from 0.37.1 to 0.38.0 in docker/build-push-action#1230

Full Changelog: docker/build-push-action@v6.7.0...v6.8.0

Commits

4f58ea7 Merge pull request #1234 from docker/dependabot/npm_and_yarn/docker/actions-t...
49b5ea6 chore: update generated content
13c9fdd chore(deps): Bump @docker/actions-toolkit from 0.38.0 to 0.39.0
e44afff Merge pull request #1232 from docker/dependabot/npm_and_yarn/path-to-regexp-6...
67ebad3 chore(deps): Bump path-to-regexp from 6.2.2 to 6.3.0
32945a3 Merge pull request #1230 from docker/dependabot/npm_and_yarn/docker/actions-t...
e0fe9cf chore: update generated content
8f1ff6b chore(deps): Bump @docker/actions-toolkit from 0.37.1 to 0.38.0
See full diff in compare view

Updates actions/upload-artifact from 4.4.0 to 4.4.3

Release notes

Sourced from actions/upload-artifact's releases.

v4.4.3

What's Changed

Undo indirect dependency updates from #627 by @joshmgross in actions/upload-artifact#632

Full Changelog: actions/upload-artifact@v4.4.2...v4.4.3

v4.4.2

What's Changed

Bump @actions/artifact to 2.1.11 by @robherley in actions/upload-artifact#627

Includes fix for relative symlinks not resolving properly

Full Changelog: actions/upload-artifact@v4.4.1...v4.4.2

v4.4.1

What's Changed

Add a section about hidden files by @joshmgross in actions/upload-artifact#607

Add workflow file for publishing releases to immutable action package by @Jcambass in actions/upload-artifact#621

Update @actions/artifact to latest version, includes symlink and timeout fixes by @robherley in actions/upload-artifact#625

New Contributors

@Jcambass made their first contribution in actions/upload-artifact#621

Full Changelog: actions/upload-artifact@v4.4.0...v4.4.1

Commits

b4b15b8 Merge pull request #632 from actions/joshmgross/undo-dependency-changes
92b01eb Undo indirect dependency updates from #627
8448086 Merge pull request #627 from actions/robherley/v4.4.2
b1d4642 add explicit relative and absolute symlinks to workflow
d50e660 bump version
aabe6f8 build with @actions/artifact v2.1.11
604373d Merge pull request #625 from actions/robherley/artifact-2.1.10
0150148 paste right core version
a009b25 update licenses
9f6f6f4 update @actions/core and @actions/artifact to latest versions
Additional commits viewable in compare view

Updates Swatinem/rust-cache from 2.7.3 to 2.7.5

Release notes

Sourced from Swatinem/rust-cache's releases.

v2.7.5

What's Changed

Upgrade checkout action from version 3 to 4 by @carsten-wenderdel in Swatinem/rust-cache#190

fix: usage of deprecated version of node by @hamirmahal in Swatinem/rust-cache#197

Only run macOsWorkaround() on macOS by @heksesang in Swatinem/rust-cache#206

Support Cargo.lock format cargo-lock v4 by @NobodyXu in Swatinem/rust-cache#211

New Contributors

@carsten-wenderdel made their first contribution in Swatinem/rust-cache#190

@hamirmahal made their first contribution in Swatinem/rust-cache#197

@heksesang made their first contribution in Swatinem/rust-cache#206

Full Changelog: Swatinem/rust-cache@v2.7.3...v2.7.5

Commits

82a92a6 2.7.5
598fe25 update dependencies, rebuild
8f842c2 Support Cargo.lock format cargo-lock v4 (#211)
96a8d65 Only run macOsWorkaround() on macOS (#206)
9bdad04 fix: usage of deprecated version of node (#197)
f7a52f6 "add jsonpath test"
2bceda3 "update dependencies"
640a221 Upgrade checkout action from version 3 to 4 (#190)
1582741 update dependencies
See full diff in compare view

Updates actions/cache from 4.0.2 to 4.1.2

Release notes

Sourced from actions/cache's releases.

v4.1.2

What's Changed

Add Bun example by @idleberg in actions/cache#1456

Revise isGhes logic by @jww3 in actions/cache#1474

Bump braces from 3.0.2 to 3.0.3 by @dependabot in actions/cache#1475

Add dependabot.yml to enable automatic dependency upgrades by @Link- in actions/cache#1476

Bump actions/checkout from 3 to 4 by @dependabot in actions/cache#1478

Bump actions/stale from 3 to 9 by @dependabot in actions/cache#1479

Bump github/codeql-action from 2 to 3 by @dependabot in actions/cache#1483

Bump actions/setup-node from 3 to 4 by @dependabot in actions/cache#1481

Prepare 4.1.2 release by @Link- in actions/cache#1477

New Contributors

@idleberg made their first contribution in actions/cache#1456

@jww3 made their first contribution in actions/cache#1474

@Link- made their first contribution in actions/cache#1476

Full Changelog: actions/cache@v4...v4.1.2

v4.1.1

What's Changed

Restore original behavior of cache-hit output by @joshmgross in actions/cache#1467

Full Changelog: actions/cache@v4.1.0...v4.1.1

v4.1.0

What's Changed

Fix cache-hit output when cache missed by @fchimpan in actions/cache#1404

Deprecate save-always input by @joshmgross in actions/cache#1452

New Contributors

@ottlinger made their first contribution in actions/cache#1437

@Olegt0rr made their first contribution in actions/cache#1377

@fchimpan made their first contribution in actions/cache#1404

@x612skm made their first contribution in actions/cache#1434

@todgru made their first contribution in actions/cache#1311

@Jcambass made their first contribution in actions/cache#1463

@mackey0225 made their first contribution in actions/cache#1462

@quatquatt made their first contribution in actions/cache#1445

Full Changelog: actions/cache@v4.0.2...v4.1.0

Changelog

Sourced from actions/cache's changelog.

Releases

4.1.2

Add GitHub Enterprise Cloud instances hostname filters to inform API endpoint choices - #1474

Security fix: Bump braces from 3.0.2 to 3.0.3 - #1475

4.1.1

Restore original behavior of cache-hit output - #1467

4.1.0

Ensure cache-hit output is set when a cache is missed - #1404

Deprecate save-always input - #1452

4.0.2

Fixed restore fail-on-cache-miss not working.

4.0.1

Updated isGhes check

4.0.0

Updated minimum runner version support from node 12 -> node 20

3.3.3

Updates @actions/cache to v3.2.3 to fix accidental mutated path arguments to getCacheVersion actions/toolkit#1378

Additional audit fixes of npm package(s)

3.3.2

Fixes bug with Azure SDK causing blob downloads to get stuck.

3.3.1

Reduced segment size to 128MB and segment timeout to 10 minutes to fail fast in case the cache download is stuck.

3.3.0

Added option to lookup cache without downloading it.

3.2.6

Fix zstd not being used after zstd version upgrade to 1.5.4 on hosted runners.

3.2.5

... (truncated)

Commits

6849a64 Release 4.1.2 #1477
5a1720c Merge branch 'Link-/prep-4.1.2' of https://github.com/actions/cache into Link...
d9fef48 Merge branch 'main' into Link-/prep-4.1.2
a50e8d0 Merge branch 'main' into Link-/prep-4.1.2
acc9ae5 Merge pull request #1481 from actions/dependabot/github_actions/actions/setup...
1ea5f18 Merge branch 'main' into Link-/prep-4.1.2
cc679ff Merge branch 'main' into dependabot/github_actions/actions/setup-node-4
366d43d Merge pull request #1483 from actions/dependabot/github_actions/github/codeql...
02bf319 Bump github/codeql-action from 2 to 3
6f6220b Merge branch 'main' into dependabot/github_actions/actions/setup-node-4
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

… updates Bumps the ci-dependencies group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.1.7` | `4.2.2` | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.6.0` | `3.7.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.6.1` | `3.7.1` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `6.7.0` | `6.9.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.4.0` | `4.4.3` | | [Swatinem/rust-cache](https://github.com/swatinem/rust-cache) | `2.7.3` | `2.7.5` | | [actions/cache](https://github.com/actions/cache) | `4.0.2` | `4.1.2` | Updates `actions/checkout` from 4.1.7 to 4.2.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@692973e...11bd719) Updates `sigstore/cosign-installer` from 3.6.0 to 3.7.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@4959ce0...dc72c7d) Updates `docker/setup-buildx-action` from 3.6.1 to 3.7.1 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@988b5a0...c47758b) Updates `docker/build-push-action` from 6.7.0 to 6.9.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@5cd11c3...4f58ea7) Updates `actions/upload-artifact` from 4.4.0 to 4.4.3 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@5076954...b4b15b8) Updates `Swatinem/rust-cache` from 2.7.3 to 2.7.5 - [Release notes](https://github.com/swatinem/rust-cache/releases) - [Changelog](https://github.com/Swatinem/rust-cache/blob/master/CHANGELOG.md) - [Commits](Swatinem/rust-cache@23bce25...82a92a6) Updates `actions/cache` from 4.0.2 to 4.1.2 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@0c45773...6849a64) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci-dependencies - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci-dependencies - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci-dependencies - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci-dependencies - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci-dependencies - dependency-name: Swatinem/rust-cache dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci-dependencies - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci-dependencies ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Nov 1, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): Bump the ci-dependencies group across 1 directory with 7 updates #161

build(deps): Bump the ci-dependencies group across 1 directory with 7 updates #161

dependabot bot commented on behalf of github Nov 1, 2024

build(deps): Bump the ci-dependencies group across 1 directory with 7 updates #161

Are you sure you want to change the base?

build(deps): Bump the ci-dependencies group across 1 directory with 7 updates #161

Conversation

dependabot bot commented on behalf of github Nov 1, 2024

v4.2.2

What's Changed

v4.2.1

What's Changed

New Contributors

v4.2.0

What's Changed

New Contributors

Changelog

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v4.1.2

v4.1.1

v4.1.0

v3.7.0

What's Changed

v3.7.1

v3.7.0

v6.9.0

v6.8.0

v4.4.3

What's Changed

v4.4.2

What's Changed

v4.4.1

What's Changed

New Contributors

v2.7.5

What's Changed

New Contributors

v4.1.2

What's Changed

New Contributors

v4.1.1

What's Changed

v4.1.0

What's Changed

New Contributors

Releases

4.1.2

4.1.1

4.1.0

4.0.2

4.0.1

4.0.0

3.3.3

3.3.2

3.3.1

3.3.0

3.2.6

3.2.5